Move status checks for www, autoconfig, autodiscover, and mta-sts to within the section for the parent domain
Since we're checking the MTA-STS policy, there's no need to check that the domain resolves etc. directly.
This commit is contained in:
parent
10bedad3a3
commit
b805f8695e
|
@ -311,6 +311,17 @@ def run_domain_checks(rounded_time, env, output, pool):
|
||||||
|
|
||||||
domains_to_check = mail_domains | dns_domains | web_domains
|
domains_to_check = mail_domains | dns_domains | web_domains
|
||||||
|
|
||||||
|
# Remove "www", "autoconfig", "autodiscover", and "mta-sts" subdomains, which we group with their parent,
|
||||||
|
# if their parent is in the domains to check list.
|
||||||
|
domains_to_check = [
|
||||||
|
d for d in domains_to_check
|
||||||
|
if not (
|
||||||
|
d.split(".", 1)[0] in ("www", "autoconfig", "autodiscover", "mta-sts")
|
||||||
|
and len(d.split(".", 1)) == 2
|
||||||
|
and d.split(".", 1)[1] in domains_to_check
|
||||||
|
)
|
||||||
|
]
|
||||||
|
|
||||||
# Get the list of domains that we don't serve web for because of a custom CNAME/A record.
|
# Get the list of domains that we don't serve web for because of a custom CNAME/A record.
|
||||||
domains_with_a_records = get_domains_with_a_records(env)
|
domains_with_a_records = get_domains_with_a_records(env)
|
||||||
|
|
||||||
|
@ -361,6 +372,26 @@ def run_domain_checks_on_domain(domain, rounded_time, env, dns_domains, dns_zone
|
||||||
if domain in dns_domains:
|
if domain in dns_domains:
|
||||||
check_dns_zone_suggestions(domain, env, output, dns_zonefiles, domains_with_a_records)
|
check_dns_zone_suggestions(domain, env, output, dns_zonefiles, domains_with_a_records)
|
||||||
|
|
||||||
|
# Check auto-configured subdomains. See run_domain_checks.
|
||||||
|
# Skip mta-sts because we check the policy directly.
|
||||||
|
for label in ("www", "autoconfig", "autodiscover"):
|
||||||
|
subdomain = label + "." + domain
|
||||||
|
if subdomain in web_domains or subdomain in mail_domains:
|
||||||
|
# Run checks.
|
||||||
|
subdomain_output = run_domain_checks_on_domain(subdomain, rounded_time, env, dns_domains, dns_zonefiles, mail_domains, web_domains, domains_with_a_records)
|
||||||
|
|
||||||
|
# Prepend the domain name to the start of each check line, and then add to the
|
||||||
|
# checks for this domain.
|
||||||
|
for attr, args, kwargs in subdomain_output[1].buf:
|
||||||
|
if attr == "add_heading":
|
||||||
|
# Drop the heading, but use its text as the subdomain name in
|
||||||
|
# each line since it is in Unicode form.
|
||||||
|
subdomain = args[0]
|
||||||
|
continue
|
||||||
|
if len(args) == 1 and isinstance(args[0], str):
|
||||||
|
args = [ subdomain + ": " + args[0] ]
|
||||||
|
getattr(output, attr)(*args, **kwargs)
|
||||||
|
|
||||||
return (domain, output)
|
return (domain, output)
|
||||||
|
|
||||||
def check_primary_hostname_dns(domain, env, output, dns_domains, dns_zonefiles):
|
def check_primary_hostname_dns(domain, env, output, dns_domains, dns_zonefiles):
|
||||||
|
|
Loading…
Reference in New Issue